Is your private phone number on
Facebook? Probably. And so are
your friends' Uploads from iPhones using the
Facebook app will push all your
contacts onto Facebook's servers
- where they'll be matched
against any and everyone.
Worried at all? Update: Or how about a random Facebooker's
number? book's iPhone app does ask
you to press a button before
using it. And agree to something.
But what, precisely? If you have a friend on Facebook
who has used the iPhone app
version to access the site, then
it's very possible that your
private phone numbers - and
those of lots of your and their friends - are on the site. The reason: Facebook's "Contact
Sync" feature, which
synchronises your friends'
Facebook profile pictures with
the contacts in your phone. Except that it doesn't do that on your phone. Oh no. Because that would be wrong, to pull the photos down from Facebook and put them on your phone. That would breach Facebook's terms of service. Update: A more recent version of the app shows that it
does download "your friends'
profile photos and other info
from Facebook" to add to your
iPhone address book. Instead, what What Facebook's app does it that it imports all the names and phone numbers you
have on your (smart)phone,
uploads them to Facebook's
Phonebook app (got a Facebook
account? Here's your Phonebook) . (Update: Rhodri Marsden says that you'll now get a big
warning sign saying that the
numbers are imported into
Facebook. That's above.) Pause for a moment and go and look at it. Did you know those numbers? Did you collect them?
Despite the reassuring phrase
there - "Facebook Phonebook
displays contacts you have
imported from your phone, as
well as your Facebook friends" - it's absolutely not true. I know
because there are numbers there
which I don't have. OK, perhaps
the people who own them added
them; but that's not clear either.
So how did they get there? Because it only takes one person
to upload another person's
number, and the implication is
that it's going to be shared
around everywhere. Update: that's the implication of "all contacts from your device...
will be sent to Facebook and be
subject to Facebook's Privacy
Policy". Note, not just your
friends - but everyone on your
device. The implications are huge, and
extremely worrying. All it takes
is for someone's Facebook
account to be hacked (perhaps
via their phone being stolen) and
lots of personal details are revealed. Or, as Craig noted in the comments, you get your phonebook record of "Steve
Car" (which was for his garage
mechanic) somehow linked to
someone called "Steve Carlton" -
who he doesn't know. Update: Facebook says, in a statement: "Facebook never
shares personally identifiable
information with third parties 
advertisers are only given
anonymised and aggregated
data." It also adds: "Facebook is a free service and something that
many people find adds value to
their day-to-day lives. As with
any service, users do need to
invest some time in order to use
it properly and we encourage people to use their privacy
settings to do this and to access
the Help Centre for support." Kurt von Moos, who first wrote about this earlier this year (since when Facebook has revised its
privacy statement, but not
altered what goes on in this
way) says that there are a
number of reasons to be
concerned. As he puts it: "1) Facebook doesn't warn
users that they are
uploading their phone's
adress book to Facebook. In
fact, because Facebook
doesn't sync contact numbers or email addresses
TO your phone, most users
wrongly assume that
Facebook Contact Sync only
syncs user pictures. In
reality though, they are pumping your address book,
without your
consent." [Since then the
Facebook app has clearly
been updated with a
warning.] Facebook says you can remove your mobile contacts, but it's not clear that that will remove your
mobile if someone else uploads
it. von Moos continues: "2) Phone numbers are
private and valuable. Most
people who have entrusted
you with their phone
numbers assume you will
keep them private and safe. If you were to ask your
friends, family or co-workers
if they are ok with you
uploading their private
phone numbers to be cross-
referenced with other Facebook users, how many
of them do you think would
be ok with it?" He also points to even more
egregious problems: (a) can you
be sure how Facebook, or its
advertisers or partners or
whatever it becomes down the
line, will use that data? (b) why is it that Facebook takes all your
mobile numbers, rather than
matching names of contacts with
names of friends? (c) sometimes,
it gets the matches wrong - and
incorrect (or faked) data that people have given to Facebook
as their "contact" details (such as
hotels or businesses) gets linked
as being a "friend", or the lack of
an international dialling prefix
messes up the match, and means again that someone who you
don't know is identified as a
"friend" or contact. von Moos concludes: "There are
some contacts and phone
numbers who's privacy I simply
refuse to risk on the Web.
Facebook has taken and
continues to take liberties on behalf of their users. Their
perception of privacy and their
users perception of privacy is
often very different. I don't think
this is maliciousness on
Facebook's part, but it does show me that Facebook is painfully out
of touch with the needs and
beliefs of their CORE users, who
are still wary of the openness
that a Web 2.0 lifestyle entails...., SOMA ZAIDI KWENYE HIYO LINK JUU HAPO!